Difference between revisions of "Rocket Chat"

From SME Server
Jump to navigationJump to search
m (→‎smeserver-rocketchat contrib: Separate contrib page)
Line 285: Line 285:
 
[[Category: Webapps]]
 
[[Category: Webapps]]
  
 
==smeserver-rocketchat contrib==
 
{{WIP box}}
 
This contrib aims to reduce some of the setup for rocketchat and add some flexibility with settings
 
 
Add repos:
 
 
* [[epel]]
 
* [[Centos-sclo-rh]]
 
* [[User:ReetP|reetp]]
 
 
yum install rh-python34-python rh-mongodb26-mongodb rh-mongodb26-mongodb-server nodejs010 GraphicsMagick --enablerepo=centos-sclo-rh,epel
 
 
scl enable nodejs010 bash
 
npm install -g inherits
 
npm install -g n
 
n 0.10.40
 
exit
 
 
cd /root
 
curl -L https://rocket.chat/releases/latest/download -o rocket.chat.tgz
 
tar zxvf rocket.chat.tgz
 
mv bundle /opt/Rocket.Chat
 
 
cd /opt/Rocket.Chat/programs/server
 
npm install
 
npm install -g forever
 
 
patch mailcomposer.js to add From header. You can use this from wherever the patch file is (where should it be ?):
 
patch -p0 -i /opt/mailcomposer.patch
 
 
Install rocket chat contrib:
 
 
yum enablerepo=reetp install smeserver-rocketchat
 
 
db setprop rocketchat status enabled
 
 
signal-event post-upgrade;signal-event reboot
 
 
DB settings
 
 
rocketchat=service
 
    TCPPort=3000
 
    access=public
 
    mailPort=25
 
    mailURL=localhost
 
    status=enabled
 
 
rh-mongodb26-mongod=service
 
    TCPPort=27017
 
    access=private
 
    mongoURL=localhost
 
    status=enabled
 
 
BEFORE we login for the first time we need to set up mail settings correctly:
 
 
From bash:
 
 
mongo rocketchat --eval 'db.rocketchat_settings.update({"_id" : "SMTP_Host"}, {$set: {"value":"localhost"}});'
 
mongo rocketchat --eval 'db.rocketchat_settings.update({"_id" : "From_Email"}, {$set: {"value":"admin@yourdomain.com"}});'
 
 
We can check the individual values set like this:
 
 
mongo rocketchat --eval 'db.rocketchat_settings.find({"_id":"From_Email"}, {_id:0, value:1}).shellPrint();'
 
mongo rocketchat --eval 'db.rocketchat_settings.find({"_id":"SMTP_Host"}, {_id:0, value: 1}).shellPrint();'
 
 
All values per _id:
 
mongo rocketchat --eval 'db.rocketchat_settings.find({"_id" : "SMTP_Host"}).shellPrint();'
 
mongo rocketchat --eval 'db.rocketchat_settings.find({"_id" : "From_Email"}).shellPrint();'
 
 
 
Now restart rocketchat to reread the DB settings:
 
 
service rocketchat restart
 
 
Login at http://yourdomain:3000
 
 
It will first get you to create an admin user.
 
 
If you have an issue with no email sent/received then login using the email address and password you just set
 
 
===Bugs===
 
 
Look for bugs :-) As the contrib is not in CVS please report them in the forum
 
 
===SSL - in progress===
 
 
You will need smeserver-rocketchat-0.1-4
 
 
We need some extra settings to enable SSL with ProxyPass.
 
 
First install proxy pass rpm:
 
 
yum --enablerepo=fws install mod_proxy_wstunnel
 
 
Regenerate httpd.conf
 
 
signal-event remoteaccess-update
 
 
Now we need to setup our subdomain
 
 
db domains set chat.mycompany.local domain Description RocketChat Nameservers internet \
 
TemplatePath ProxyPassVirtualRocketchat ProxyPassTarget http://localhost:3000/
 
 
It should look like this:
 
 
chat.mycompany.local=domain
 
    Nameservers=internet
 
    ProxyPassTarget=http://127.0.0.1:3000/
 
    TemplatePath=ProxyPassVirtualRocketchat
 
 
 
We need to set Rocketchat to listen on localhost now:
 
 
config setprop rocketchat rootURL localhost
 
signal-event remoteaccess-update
 
service rocketchat restart
 
 
If you can now successfully get to Rocketchat on your subdomain https://chat.mycompany.local you can disable default access on port 3000:
 
 
config setprop rocketchat access private
 
signal-event remoteaccess-update
 
  
 
==Letsencrypt support==
 
==Letsencrypt support==

Revision as of 18:48, 21 August 2016

PythonIcon.png Skill level: Advanced
The instructions on this page may require deviations from standard procedures. A good understanding of linux and Koozali SME Server is recommended.


Rocket-dot-chat-logo.png

Maintainers

Manual install RequestedDeletion

Contrib: John Crisp

About

"Rocket.Chat, the ultimate webchat platform. From group messages and video/audio calls all the way to helpdesk killer features. Our goal is to become the number one cross-platform open source chat solution"

  • Messaging Direct and group messages, public or private.
  • Video Conference Chat with your colleagues and friends face-to-face over audio and video. See details. Test your device here.
  • Helpdesk chat Have your website visitors contact you in real-time and increase conversions.
  • File sharing Drag-and-drop files or select them from your computer or mobile device.
  • Screen sharing Select any window to share with your audience.
  • Voice messages Record and transmit voice messages to a channel, group or private conversation.
  • Link preview Post a link and immediately view its content. YouTube, Twitter, Gifs!
  • API Integrate your chat to multiple services: GitHub, GitLab, JIRA, Confluence and others.
  • Extendability Want a killer new feature? Add a new package. It's as simple as that.
  • Native applications Native client applications available for download on Linux, Windows and OSX.
  • Mobile applications Mobile client applications available for iOS and Android on their respective stores.


In short, a Slack, HipChat, Jabber (XMMP), IRC or even a Skype alternative, completely and securely self hosted and controlled. Great for closed (company/family/friends/community) teams.


Important.png Note:
Rocket.Chat is a young project and therefore under very active development. Very regularly they release new (minor) versions. Your milage may vary! Please see their development on GitHub for the activities and Rocket.Chat developments.


This how-to can be discussed on the forums here

RocketChat for SME Server 9.x 64-bit only!
Latest Rocket.Chat version tested: 0.36.0 (please see the change log here).

Installation SCL environment

Add the epel repository

/sbin/e-smith/db yum_repositories set epel repository \
Name 'Epel - EL6' \
BaseURL 'http://download.fedoraproject.org/pub/epel/6/$basearch' \
MirrorList 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-6&arch=$basearch' \
EnableGroups no \
GPGCheck yes \
GPGKey http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL \
Exclude perl-Razor-Agent \
Visible no \
status disabled

Add scl and centos-sclo-rh repositories

/sbin/e-smith/db yum_repositories set scl \
repository Name 'Software collections' \
BaseURL 'http://mirror.centos.org/centos/$releasever/SCL/$basearch/' \
EnableGroups no Visible yes status disabled
/sbin/e-smith/db yum_repositories set centos-sclo-rh \
repository Name 'Centos-RH Software collections' \
BaseURL 'http://mirror.centos.org/centos/$releasever/sclo/$basearch/rh/' \
EnableGroups no Visible yes status disabled

Expand new repo’s

signal-event yum-modify

Install Software Collections applications

Before you can install any of the Software Collections applications, you must install the Software Collections tools first. Please see Software Collections how to install and enable Software Collections.

yum install rh-python34-python rh-mongodb26-mongodb rh-mongodb26-mongodb-server \
nodejs010 GraphicsMagick --enablerepo=centos-sclo-rh,epel

using NodeJS package manager NPM to install/update (additional) NodeJS packages:

scl enable nodejs010 bash
npm install -g inherits
npm install -g n
n 0.10.40
exit

Create the SME Server MongoDB service

(please note the usage of mongod and NOT mongodb)

ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99rh-mongodb26-mongod
config set rh-mongodb26-mongod service
config setprop rh-mongodb26-mongod status enabled
config setprop rh-mongodb26-mongod access private
config setprop rh-mongodb26-mongod TCPPort 27017
signal-event remoteaccess-update

Create boot scripts for the Software Collections applications

nano -w /etc/profile.d/scls-rh-mongodb26.sh

#!/bin/sh
source /opt/rh/rh-mongodb26/enable
export X_SCLS="`scl enable rh-mongodb26 'echo $X_SCLS'`"

nano -w /etc/profile.d/scls-rh-python34.sh

#!/bin/sh
source /opt/rh/rh-python34/enable
export X_SCLS="`scl enable rh-python34 'echo $X_SCLS'`"

nano -w /etc/profile.d/scls-rh-java-common.sh

#!/bin/sh
source /opt/rh/rh-java-common/enable
export X_SCLS="`scl enable rh-java-common 'echo $X_SCLS'`"

nano -w /etc/profile.d/scls-nodejs010.sh

#!/bin/sh
source /opt/rh/nodejs010/enable
export X_SCLS="`scl enable nodejs010 'echo $X_SCLS'`"

A reboot at this point is required to load all of the Software Collections profile/config files.

signal-event reboot

Installation of Rocket.Chat

Create the SME Server Rocket.Chat service

config set rocketchat service
config setprop rocketchat status enabled
config setprop rocketchat TCPPort 3000
config setprop rocketchat access public
signal-event remoteaccess-update

Get Rocket.Chat from their downloads repository

cd /root
curl -L https://rocket.chat/releases/latest/download -o rocket.chat.tgz
tar zxvf rocket.chat.tgz
mv bundle /opt/Rocket.Chat

Install NodeJS dependencies for Rocket.Chat

cd /opt/Rocket.Chat/programs/server
npm install

Set environment variables for Rocket.Chat

export ROOT_URL=http://yourserver.com/
export MONGO_URL=mongodb://localhost:27017/rocketchat
export PORT=3000

Start Rocket.Chat for the first time

cd /opt/Rocket.Chat
node main.js &

Browse to http://yourserver:3000 and create the first admin user.

The Rocket.Chat log files are at /var/log/rocketchat.log


Important.png Note:
This FIRST user will be the 'master administrator' even if you use LDAP authentication for your users. So if even if you use LDAP, this user will still be able to login and grant Rocket.Chat admin rights to LDAP accounts.


Make Rocket.Chat available on a sub domain

Install the Webapps-common contrib.

To create your sub domain (e.g. https://chat.yourserver.com)

db domains set chat.mycompany.local domain Description "RocketChat" Nameservers internet \
TemplatePath WebAppVirtualHost RequireSSL enabled ProxyPassTarget http://localhost:3000/

The 'ProxyPassTarget' property could also point to another host (IP) that has Rocket.Chat installed, e.g. a virtual SME Server on the same LAN. In that case, also LDAP and open/close ports have to be taken into consideration. To expand and activate:

signal-event webapps-update

To disable the default access on port 3000, for we now access our chat platform via the subdomain, and for security we close the default access method.

config setprop rocketchat access private
signal-event remoteaccess-update

You can now visit Rocket.Chat at https://chat.yourserver.com. Rocket.Chat will notice that the URL that is being used to access Rocket.Chat has been changed, and will propose to change it to the new URL.

Auto start Rocket.Chat at boot

To be able to auto start Rocket.Chat one could use the /etc/rc.d/rc.local file, but using the init system is cleaner and much more controlled. Nodejs has small utilities (modules) that can create the correct init script based on your specific Rocket.Chat setup.

To install these Nodejs modules issue:

npm install -g forever
npm install -g forever-service

Since SME Server has put it's name in /etc/system-release, the forever utility will not be able to detect the main distribution name (e.g. CentOS) and will exit with an error. To add 'SME Server' to the list of recognised distributions so that the forever-service tool will run properly, is to execute the following command (don't be disturbed by the Oracle mentioning, it's just to locate the correct position):

sed -i -e 's/(Oracle Linux)/(Oracle Linux)|(SME Server)/' \
/opt/rh/nodejs010/root/usr/lib/node_modules/forever-service/templates/sysvinit/installer.js

Generate the Rocket.Chat init script

Generate the init script 'rocketchat' that will automatically be placed into /etc/rc.d/init.d:

cd /opt/Rocket.Chat
forever-service install -s main.js -e "ROOT_URL=https://chat.mycompany.local/ \
MONGO_URL=mongodb://localhost:27017/rocketchat PORT=3000 MAIL_URL=smtp://mycompany.local:25" \
-p "/opt/rh/nodejs010/root/usr/lib/node_modules/forever/bin" rocketchat

Please use the correct values in the command above from your specific setup.

The created init script '/etc/rc.d/init.d/rocketchat' is not aware that we use Software Collections, so we have to add a directive to the init script that we do:

sed -i '26 a source /etc/profile.d/scls-nodejs010.sh' /etc/rc.d/init.d/rocketchat
Important.png Note:
Please note that if you change anything on your Rocket.Chat environment such as URL's, subdomain name(s), ports or mail server, you have to run the above again to reflect your new environment. If so, please remove /etc/rc.d/init.d/rocketchat first. (rm /etc/rc.d/init.d/rocketchat).


Create SME Server service link

Now we can create a link to the SME Server way of starting services automatically at boot time or manually:

ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99rocketchat

and you can start/stop/status your rocketchat service e.g.:

service rocketchat status
service rocketchat start
service rocketchat stop
service rocketchat restart

Please note that it may take a little while, up to a minute, for rocketchat to become available. In the mean time you can be shown a HTTP error 503. Please try again in a minute or a bit longer. Why this is? No Idea for now, other that it may be related to MongoDB processes.

WebRTC configuration

Important.png Note:
Please note that WebRTC connections on the chromium engines based browsers require secure connections (https). Normal http connections will be refused. Please see the letsencrypt wiki page for more info on how to obtain a valid certificate for your Koozali SME Server(s) and domains. Please see this article on why. How other browsers such as Firefox and IE manage this is not known, if you do, please add a note.


Rocket.Chat uses WebRTC to make voice/video calls. This requires the additional Apache module proxy_wstunnel. This is available from the fws repository.

yum install mod_proxy_wstunnel --enablerepo=fws

A custom template is required to load the proxy_wstunnel module by default and in the correct order:

mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
nano -w /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/20LoadModule60

and paste the following content and save:

{
   $OUT .= load_modules(qw(
   proxy_wstunnel
   ));
}

Then expand httpd.conf and restart Apache:

expand-template /etc/httpd/conf/httpd.conf
service httpd-e-smith restart

To show if the module is correctly loaded:

apachectl -M |grep wstunnel

it should be listed as proxy_wstunnel_module (shared)

LDAP Authentication

As the Rocket.Chat admin go into administration -> LDAP, and use the following settings (please use your server details):

Enable: True
Host: 127.0.0.1
Port: 389
Domain base: ou=Users,dc=mycompany,dc=local
Domain search user: uid=admin,ou=Users,dc=mycompany,dc=local
Domain search password: admin password of your server
Doamin search user ID: uid
Sync data: True
Default domain: chat.yourserver.com (as per the subdomain)

Save the settings and use the test button to test the connection to the LDAP directory. Then 'Sync users'. For more specific details on Rocket.Chat and LDAP user authentication please see their documentation.

Upgrade Rocket.Chat

Interestingly there is not much information on upgrading your Rocket.Chat version. It does not help either that the Rocket.Chat team closed their wiki and took it off-line in favour of a new doc system which is not populated with info as much.

The preferred way as it seems is completely remove /opt/Rocket.Chat...

service rocketchat stop
rm -rf /opt/Rocket.Chat

and then repeat the download, unpack and move get Rocket.Chat procedure above. Then start Rocket.Chat:

service rocketchat start

Please note it can take a bit for the Rocket.Chat service to become available for the MongoDB structure version is being checked and automatically updated according to the Rocket.Chat version.

Backup Rocket.Chat

Important.png Note:
Please note that this section is experimental. Somebody with more extensive knowledge of MongoDB may help here. This section is not finished yet, so please do NOT use on production servers, just test VM's. The default storage location of MongoDB is '/var/opt/rh/rh-mongodb26/lib/mongodb' (as set in '/etc/opt/rh/rh-mongodb26/mongod.conf'.) We might want to change this to /home/e-smith/files/mongodb' or '/var/lib/mongodb' and run a script to be included in the pre-backup event, just like MySQL, to hold transactions and make a backup.


To be able to backup Rocket.Chat data with the default SME Server backup mechanisms, the data should be available within the backup paths. In this case we will place the Rocket.Chat backup data in /home/e-smith/files.

To dump the Rocket.Chat data:

mongodump --dumpDbUsersAndRoles -d rocketchat -o /home/e-smith/files

(Documentation) and to restore the Rocket.Chat data:

mongorestore --restoreDbUsersAndRoles -d rocketchat -dir /home/e-smith/files/rocketchat --quiet

You may want to automate the execution of the above mongodump command by means of a cron job. For easy management of this, you could use the excellent Crontab Manager contrib.

Remove Rocket.Chat

TBA

Desktop clients

Next to your browser, you can use Rocket.Chat desktop clients for Linux, Windows and Mac.

Please see:

https://github.com/RocketChat/Rocket.Chat.Electron/releases

Mobile clients

Obviously there are mobile clients for both Android and iOS. Please search for 'Rocket chat' in either app store.

Security

TO DO

  • Auto start Rocket.Chat
  • Backup and how to manage Rocket.Chat data (e.g. mongodb and FS options)
  • Include the push server config for both Android and iOS
  • Fine tune various things (e.g. Security)
  • Enable LDAP authentication
  • Create subdomain e.g. https://chat.yourdomain.com using the webapps-common contrib
  • Activiation/Notification emails are not sent, despite test success
  • Upgrade Rocket.Chat
  • Remove Rocket.Chat


  • Watch developments such as using PostgreSQL/MariaDB opposed to MongoDB
  • Test, test, test
  • Create a contrib
  • Showcase SME Server, contribs and software collections.

Tips & Tricks

  • Nice website for 'Cartoonish' avatars that can be used to replace your initials in all your Rocket.Chat conversations. Pick a face
  • Test/troubleshoot your device for WebRTC capabilities WebRTC Troubleshooter


Letsencrypt support

You can add letsencrypt should you wish - please see https://wiki.contribs.org/Letsencrypt

You will need to add the domain key as follows, and add your letsencrypt certificates:

db domains setprop chat.mycompany.local letsencryptSSLcert enabled

Mongo DB examples

Example using mongo itself:

mongo
use rocketchat
db.rocketchat_settings.find({"_id" : "SMTP_Host"})
db.rocketchat_settings.find({"_id" : "From_Email"})
db.rocketchat_settings.findOne({_id : "From_Email"}, {_id:0, value: 1})
db.rocketchat_settings.findOne({_id : "SMTP_Host"}, {_id:0, value: 1})


db.rocketchat_settings.update({"_id" : "From_Email"}, {$set: {"value":"admin@reetspetit.info"}})
db.rocketchat_settings.update({"_id" : "SMTP_Host"}, {$set: {"value":"mail.reetspetit.info"}})